DETAILED ACTION

1. This action is responsive to communications: application, filed 10/23/2003;
amendment filed 5/23/2008. 

2. Claims 1-24 are pending in the case. 

Response to Arguments 

3. Applicant's argument is moot in view of the new grounds of rejection as follows: 

Claim Rejections - 35 USC §112 

4. The following is a quotation of the first paragraph of 35 U.S.C. 112:

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

5. Claims 1-24 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter 
which was not described in the specification in such a way as to reasonably convey to 
one skilled in the relevant art that the inventor(s), at the time the application was filed, 
had possession of the claimed invention. The amended claims include the feature of: "a 
registration request message, which is encrypted by the session key, including said 
session key encrypted by said public key". The Specification supports sending a
registration request encrypted by the session key. It also supports sending the session 
key encrypted by the public key. However, the claims require that the session key be 
included in the registration request, and the entire registration message to be encrypted. 
This feature is not supported in the Specification. In fact, if the session key is included in 
the message, and the message is encrypted by the session key, the OLT would not be 
able to access the session key, and it will render the invention inoperable. A correction 
such that the session key is received at OLT, encrypted only by OLT's public encryption
key would be acceptable. 

Also, said claims include the limitation: "a general gate message encrypted by a session 
key, which is encrypted using said public key". The Specification does not support this
feature: "a general gate message encrypted by a session key" is supported, but
encrypting with a session key which is encrypted by the public key is not. The
Specification teaches that the encrypted session key is decrypted, and then used to 
encrypt the messages. 
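
The operability point in paragraph 5, worked through as an added illustration that is not part of the Office action, the application, or Roh. It assumes toy primitives (textbook RSA over small primes, a hash-based keystream) and constructed names and field contents, and compares the message layout as claimed with the corrected layout in which the session key is encrypted only by the OLT's public key:

```python
import hashlib

# Toy stand-ins, constructed for illustration and NOT secure: textbook RSA over
# two Mersenne primes, and a SHA-256 counter keystream as the session cipher.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q                                  # OLT public modulus (150 bits)
D = pow(E, -1, (P - 1) * (Q - 1))          # OLT private exponent
WRAPPED_LEN = 19                           # bytes needed to hold a value < N

def sym(key: bytes, data: bytes) -> bytes:
    """XOR data with a keystream derived from key (same call decrypts)."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(session_key: bytes) -> bytes:
    """ONU: encrypt the 16-byte session key under the OLT public key."""
    m = int.from_bytes(session_key, "big")
    return pow(m, E, N).to_bytes(WRAPPED_LEN, "big")

def unwrap(blob: bytes) -> bytes:
    """OLT: apply the private exponent and keep the low 16 bytes as the key."""
    m = pow(int.from_bytes(blob, "big"), D, N)
    return m.to_bytes(WRAPPED_LEN, "big")[-16:]

def request_as_claimed(sk: bytes, fields: bytes) -> bytes:
    # Entire message, wrapped key included, encrypted by the session key.
    return sym(sk, wrap(sk) + fields)

def request_corrected(sk: bytes, fields: bytes) -> bytes:
    # Wrapped key encrypted only by the public key; fields by the session key.
    return wrap(sk) + sym(sk, fields)

def olt_receive(msg: bytes) -> bytes:
    """The OLT holds only its private key when the request arrives."""
    sk = unwrap(msg[:WRAPPED_LEN])
    return sym(sk, msg[WRAPPED_LEN:])

def demo():
    sk = bytes(range(16))                          # constructed session key
    fields = b"onu-capability;nonce=constructed"   # constructed request fields
    return (olt_receive(request_corrected(sk, fields)) == fields,
            olt_receive(request_as_claimed(sk, fields)) == fields)

if __name__ == "__main__":
    print(demo())
```

In the layout as claimed, the OLT would need the session key in order to reach the wrapped copy of that same key, so the registration fields are not recovered; in the corrected layout they are.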

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains.
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 1 and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Security Model and Authentication Protocol in EPON-based Optical Access Network, 
(hereinafter called Roh) by Roh and Kim, published as part of Transport Optical 
Networks, 2003, Proceedings of the 2003 5th International Conference on 29 June-3
July 2003 (volume 1), in view of Examiner's Official Notice. 

7.1. As per claim 1, Roh is directed to a key management device for provision of a
security service in an Ethernet-based passive optical network (abstract), comprising: an 
optical line terminal for sending a discovery gate message to discover an optical 
network unit for data transmission (Fig. 3 and associated text, where GATE(Discover 
Gate) is sent from the OLT to ONU), the discovery message including a public key of 
the optical line terminal (as shown in Roh Fig. 3, the OLT sends its public key to the 
ONU, but it does not explicitly show that the key is included in the discovery message. 
Examiner takes the Official Notice that inclusion of an extra field in a message to 
include additional information was well-known in the art at the time of invention. 
Therefore, it would have been obvious to add the public key to the gate discovery 
message. This is because Roh shows that the public key is to be sent via a message. 
One of ordinary skill in the art would be motivated to include the public key in the gate
discovery message because it will allow a reduction in the number of messages exchanged
during the secured registration process), and, if said optical network unit receives said 
discovery gate message and then requests data communication (Fig. 3, the REGISTER 
REQUEST message), sending an encrypted registration message including a
permanent medium access control (MAC) address of said optical network unit to said 
optical network unit to notify said optical network unit that it has been registered and a 
general gate message encrypted by a session key, which is encrypted using said public 
key, including said permanent MAC address of said optical network unit to said optical 
network unit to allocate a time slot to said optical network unit (Fig. 3, the REGISTER 
message, along with the GATE(GRANT), and the key certification. Note that the system 
is based on the Ethernet protocol, and therefore each message exchanged between 
communicating entities contains the MAC address. Also note that Roh teaches that after 
the session key is established between the ONU and OLT, all control messages and
data messages are encrypted using the session key); 
and said optical network unit for receiving said discovery gate message and 
then sending a registration request message, which is encrypted by the session key, 
including said session key encrypted by said public key to said optical line terminal to 
request the data communication therewith and a registration acknowledgement 
message, encrypted by said session key to said optical line terminal to respond to said 
registration message (Fig. 3, the responses from the ONU to OLT corresponding to 
messages sent from OLT to ONU. Note that Roh also teaches sending the session key 
encrypted by OLT's public key to the OLT. Therefore both Roh and the claimed 
invention establish the session key at the OLT by sending the session key encrypted by 
the public key. Roh also discloses using the session key for secured communication 
between the ONU and OLT as soon as the session key is established. Therefore, it 
would have been obvious to encrypt the registration request using the session key when
the session key is made available at the OLT to decrypt the registration request 
encrypted with the session key). 

7.2. Limitations of claim 14 are substantially the same as claim 1.

8. Claims 2-13, and 15-24 are rejected under 35 U.S.C. 103(a) as being unpatentable
over Roh in view of Examiner's Official Notice as applied to claim 1 above, and further in
view of Cryptography and Network Security, by W. Stallings, 2nd Edition, 1999,
hereinafter called Stallings. 

8.1. As per claim 3, Roh is directed to the key management device as set forth in
claim 1, wherein said discovery gate message includes a time slot field allocated to said
optical network unit for registration thereof, a capability of said optical line terminal, a
public key of said optical line terminal, and a nonce encrypted by a private key of said
optical line terminal for signature (Based on Roh section 4.1, after the session key is
exchanged between OLT and ONU, all communications are encrypted for security using 
the session key. However, Roh does not specifically describe use of a private key 
system and a signature to enhance the security of communication. 

Stallings teaches use of private key systems and signature to protect data 
communication. Stallings also teaches details of key exchange protocols to exchange 
the private/public keys and signature keys, when a session key is established between
parties. 

At the time of invention, it would have been obvious to one skilled in the art to enhance
the security of the system taught by Roh, by using private key protocols and digital 
signatures as taught by Stallings. 

The motivation to do so would have been to improve the system security. Note that 
Roh section 4.2 identifies Stallings as a reference for teaching encryption protocols to
enhance security. 

All the fields, such as the time slot field, are part of EPON protocol). 

8.2. As per claim 2, Roh is directed to the key management device as set forth in 
claim 1, wherein said discovery gate message is periodically sent (per Ethernet 
protocol, discovery messages are periodically sent from OLT to discover new elements 
seeking to connect). 

8.3. As per claim 4, Roh is directed to the key management device as set forth in 
claim 1, wherein said registration request message includes a physical ID capability, a 
capability of said optical network unit, an echo of a capability of said optical line 
terminal, a session key, a nonce decrypted by a public key of said optical line terminal, 
and a nonce created for signature of said optical network unit (Examiner takes Official
notice that all the exchanged fields are well known as part of EPON protocol, and 
therefore, would have been obvious to include in the security protocol taught by Roh). 

8.4. As per claim 5, Roh is directed to the key management device as set forth in 
claim 4, wherein said physical ID capability, said capability of said optical network unit, 
said echo of said capability of said optical line terminal, said nonce decrypted by said 
public key of said optical line terminal and said nonce created for the signature of said 
optical network unit are encrypted using said session key (see response to claim 4). 

8.5. As per claim 6, Roh is directed to the key management device as set forth in 
claim 4, wherein said session key is encrypted using said public key of said optical line 
terminal (see response to claim 4 and 1). 

8.6. As per claim 7, Roh is directed to the key management device as set forth in 
claim 1, wherein said registration message further includes a physical ID list, an echo of 
a capability of said optical network unit, and a signature of said optical network unit (see 
response to claim 4). 

8.7. As per claim 8, Roh is directed to the key management device as set forth in 
claim 1, wherein said general gate message further includes a time slot field for 
upstream transmission of said optical network unit (see response to claim 4).

8.8. As per claim 9, Roh is directed to the key management device as set forth in
claim 8, wherein said general gate message is encrypted using a session key (see 
response to claims 1 and 4). 

8.9. As per claim 10, Roh is directed to the key management device as set forth in
claim 1, wherein said registration acknowledgement message includes a session key 
encrypted by a public key of said optical line terminal, and an echo of a registered 
physical ID (see response to claims 1 and 4). 

8.10. As per claim 11, Roh is directed to the key management device as set forth in
claim 10, wherein said registration acknowledgement message is encrypted using said 
session key (see response to claims 1 and 4). 

8.11. As per claim 12, Roh is directed to the key management device as set forth in
claim 1, wherein said optical line terminal includes: a public key processor for creating a 
public key to be included in said discovery gate message, and encrypting and 
decrypting said public key; a session key processor for decrypting said registration 
request message and registration acknowledgement message from said optical network 
unit using a session key, and encrypting said general gate message and registration 
message using said session key; a private key processor for creating a private key 
using said public key for encryption of messages to be transmitted to said optical 
network unit and decryption of messages received from said optical network unit, and
encrypting and decrypting said private key; and storage means for storing and 
managing said public key, session key and private key (All the processes in the claim 
are addressed in claims 1-11 above. Once the processes are taught, the hardware
(processor) to perform said processes in the OLU and ONT is also taught, as it is a 
trivial requirement to develop the system). 

8.12. As per claim 13, Roh is directed to the key management device as set forth in 
claim 1, wherein said optical network unit includes: a session key processor for creating 
a session key for encrypted communication with said optical line terminal, encrypting a 
part of said registration request message using said session key, decrypting said 
registration message and general gate message from said optical line terminal using 
said session key and encrypting said registration acknowledgement message using said 
session key; a public key processor for encrypting said session key using a public key 
from said optical line terminal; and storage means for storing said session key and 
public key (see response to claim 12. Note that performing decryption to access 
encrypted data is an integral part of encryption systems taught by Stallings). 

8.13. Limitations of claims 15-24 are substantially the same as claims 2-13 above. 

8.14. Claims 29-35 are withdrawn from consideration by the applicant's election in 
response to restriction requirement. Claims 25-28 are cancelled.

Conclusion

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is 571 
272 3739. The examiner can normally be reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 

Farid Homayounmehr 
Examiner 
Art Unit: 2139 
/Kristine Kincaid/ 

Supervisory Patent Examiner, Art Unit 2139 